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EXAMINER'S ANSWER 



This is in response to the appeal brief filed 1 1/19/2007 appealing from the Office action 
mailed 7/24/2007. 
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(1) Real Part in Interest 

A statement identifying the real party in interest is contained in the brief. 

(2) Related Appeals and Interferences 

The examiner is not aware of any related appeals, interferences, or judicial 
proceedings which will directly affect or be directly affected by or have a bearing on the 
Board's decision in the pending appeal. 

(3) Status of Claims 

The statement of the status of claims contained in the brief is correct. 

(4) Status of Amendments After Final 
No amendment after final has been filed. 

(5) Summary of Claimed Subject Matter 

The summary of claimed subject matter contained in the brief is correct. 

(6) Grounds of Rejection to be Reviewed on Appeal 

The appellant's statement of the grounds of rejection to be reviewed on appeal is 
correct. 

(7) Claims Appendix 

The copy of the appealed claims contained in the Appendix to the brief is correct. 

(8) Evidence Relied Upon 

6,412,009 Erickson et al. 6-2002 

6,101,543 Alden 8-2002 

(9) Grounds of Rejection 

The following ground(s) of rejection are applicable to the appealed claims: 
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Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 55-81 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Alden et al. (U.S. Patent 6,1 01 ,543) in view of Erickson et al. (U.S. Patent 6,41 2,009). 

For claim 55, Alden teaches, a method of communicating between computers, 
comprising the steps of: 

(1) transmitting from a first computer to an intermediate server computer a first 
message through a firewall that is to Internet traffic, wherein the first message requests 
establishment of a connection between the first computer and the intermediate server 
computer over a first return path; (Alden, Col. 6 lines 47-67, tunnel, firewall) 

(2) receiving from the intermediate server computer a response including a 
connection identifier corresponding to the first return path; (Alden, Col. 6 lines 47-67, 
tunnel) 

(4) exchanging encryption keys between the first computer and the intermediate 
server computer; (Alden, Col. 8 lines 45-67, keys) 

(5) repeating steps (1) through (4) between a second computer and the 
intermediate server computer, thereby creating a second return path between the 
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second computer and the intermediate server computer; (Alden, Col. 6 lines 47-67, 
tunnel) 

(6) transmitting encrypted information from the first computer to the intermediate 
server computer using further messages; (Alden, Col. 8 lines 45-67, keys) 

and (7) transmitting the encrypted information from the intermediate server over 
the second return path. (Alden, Col. 8 lines 45-67, keys) 

Alden fails to teach, HTTP POST, (3) periodically transmitting from the intermediate 
server computer to the first computer a "keep alive" message if no further messages are 
received from the first computer within a period of time; 

Erickson teaches, outbound, HTTP POST (Erickson , Col. 5 lines 47-67, Col. 8 lines 20- 
40, figure 5, Http Post), (3) periodically transmitting from the intermediate server 
computer to the first computer a "keep alive" message over the first return path, if no 
further messages are sent to the first computer within a period of time; (Erickson , Col. 5 
lines 47-67, Col. 8 lines 20-40, figure 5, Http, Keep-Alive) 

Alden and Erickson are both in the field of tunnels 

Alden and Erickson are compatible because Alden allows for a connection thru firewalls 
(Alden, Col. 6 lines 46-56) 
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It would have been obvious to on of ordinary skill in the art at the time of the 
invention was made to combine Alden with Erickson in order to over prior issue with use 
of web client access to network within firewall allowing a connection. (Erickson Col. 2 
lines 26-64 and Col. 4 lines 10-22) 

For claim 56, Alden- Erickson teaches, the method of claim 55, further comprising the 
steps of, in the intermediate server computer, decrypting encrypted information received 
from the first computer using encryption keys shared between the first computer and the 
intermediate computer, and then re-encrypting the received information using 
encryption keys shared between the intermediate computer and the second computer. 
(Alden, Col. 8 lines 45-67. keys) The same motivation that was utilized in the rejection 
of claim 55, applies equally as well to claim 56. 

For claim 57, Alden- Erickson teaches, a method of communicating between a first 
computer protected by a first firewall and a second computer protected by a different 
second firewall, comprising the steps of: 

(1) at a third computer situated between the first firewall and the different second 
firewall, receiving a first HTTP message from the first computer through a port in the 
first firewall that is configured to be open to outgoing HTTP traffic and open to incoming 
HTTP traffic that is responsive to and linked to outgoing HTTP traffic; (Alden, Col. 6 
lines 46-56, tunnel) and (Erickson , Col. 5 lines 47-67, Col. 8 lines 20-40, figure 5, Http, 
Keep-Alive) 
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(2) from the third computer, sending a first response message to the first 
computer through the port in the first firewall, thereby establishing a first receive channel 
through the first firewall, wherein the first response message is linked to the first HTTP 
message; (Alden, Col. 6 lines 46-56, tunnel) (Erickson , Col. 5 lines 47-67, Col. 8 lines 
20-40, figure 5, Http, Keep-Alive) 

(3) at the third computer, receiving a second HTTP message from the second 
computer through a port in the different second firewall that is configured to be open to 
outgoing HTTP traffic and open to incoming HTTP traffic that is responsive to and linked 
to outgoing HTTP traffic; (Alden, Col. 6 lines 46-56, tunnel) (Erickson , Col. 5 lines 47- 
67, Col. 8 lines 20-40, figure 5, Http, Keep-Alive) 

(4) from the third computer, sending a second response message to the second 
computer through the port in the different second firewall, thereby establishing a second 
receive channel through the second firewall, wherein the second response message is 
linked to the second HTTP message; (Alden, Col. 6 lines 46-56, tunnel) (Erickson , Col. 
5 lines 47-67, Col. 8 lines 20-40, figure 5, Http, Keep-Alive) 

(5) at the third computer, receiving a third encrypted HTTP message from the 
first computer through the port in the first firewall; (Alden, Col. 6 lines 46-56, tunnel) 
(Erickson , Col. 5 lines 47-67, Col. 8 lines 20-40, figure 5, Http, Keep-Alive) 

determining that the third encrypted HTTP message is intended to be delivered 
to the second computer, and transmitting to the second computer the third encrypted 
HTTP message, wherein the third encrypted HTTP message is transmitted over the 
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second receive channel to the second computer; (Alden, Col. 6 lines 46-56, tunnel) 
(Erickson , Col. 5 lines 47-67, Col. 8 lines 20-40, figure 5, Http, Keep-Alive) 

and (6) from the third computer, periodically transmitting "keep alive" messages 
to the first and second computers to avoid a time-out condition. (Erickson , Col. 5 lines 
47-67, Col. 8 lines 20-40, figure 5, Http, Keep-Alive) 

The same motivation that was utilized in the rejection of claim 55, applies equally 
as well to claim 57. 

For claim 58, Alden- Erickson teaches, the method of claim 57, wherein step (5) is 
performed at the third computer by transmitting the third encrypted HTTP message to 
the second computer without decrypting contents of the third encrypted HTTP message. 
(Erickson , Col. 5 lines 47-67, Col. 8 lines 20-40, figure 5, Http) The same motivation 
that was utilized in the rejection of claim 55, applies equally as well to claim 58. 

For claim 59, Alden- Erickson teaches, the method of claim 55, wherein at least one of 
the HTTP POST messages transmitted during step (6) comprises an identifier of said 
second computer encrypted with a first encryption key associated with the intermediate 
server, and wherein said encrypted information is encrypted with a second different 
encryption key associated with the second computer. (Erickson, Col. 5 lines 47-67, Col. 
8 lines 20-40, figure 5, Http Post) and (Alden, Col. 8 lines 45-67, keys) The same 
motivation that was utilized in the rejection of claim 55, applies equally as well to claim 
59. 
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For claim 60, Alden teaches, the method of claim 57, wherein the third encrypted HTTP 
message comprises: 

an encrypted identifier of the second computer, the identifier encrypted with a 
first encryption key associated with the third computer, and encrypted content for 
delivery to the second computer, the content encrypted with a different second 
encryption key associated with the second computer. (Erickson , Col. 5 lines 47-67, Col. 
x8 lines 20-40, figure 5, Http) and (Alden Col. 8 lines 45-67, keys) The same motivation 
that was utilized in the rejection of claim 55, applies equally as well to claim 60. 

Claims 61-81 list all the same elements of claims 55-60. Therefore, the supporting 
rationale of the rejection to claims 55-60 applies equally as well to claims 61 -81 . 

(10) Response to Argument 
Appellant argues claim 55 

Appellant argues return path, through the firewall via the HTTP POST, examiner 
would like to note that this is the point of combination of the prior art references, 
therefore both pieces of prior art need to be considered. But appellant is only 
considering Alden and Erickson by them selves and not the combination. Additionally 
this return path as described by the appellant in the specification in paragraph 34 is the 
act of sending the HTTP POST message which causes the port (80) associated with 
that message become open to allow messages to be sent thru the file wall, thus 
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initiation communication. Examiner would like to note that the combination of Erikson 
and Alden teach this. (Erickson, Col. 5 lines 45-67, use of HTTP port through firewall, 
Col. 6 lines 43-67, establish chunked data connection, Col. 7 lines 3-29, establish 
connection using HTTP post) 

Specifically, Erickson teaches that the port opens when the HTTP POST 
message is sent out in Col. 5 lines 47-67 and Alden teaches in figure 3, the 
communication between A->Firewall->B->C->Firewall->D, and the "pair-wise" 
connection which provides for the communication back and forth to thru the ports in the 
firewalls to the clients. Additionally the figure provided by the appellant in the 
arguments does not appear in the drawings in the application. The prior art in figure 3 
of Alden shows the communication as a singular line but when described by the 
combination of other prior art, a communication back and forth is disclosed. Alden in 
Col. 6 lines 47-67 discusses the connection made between the nodes as discussed by 
the claimed invention and Erickson discusses the creation of the HTTP POST message 
in Col. 5 lines 47-67, figure 5 and Col. 7 lines 5-15 with the "keep alive" message in Col. 
8 lines 20-40. 

Appellant also argues that Alden does not transmit data over a "return path" in 
that Alden discloses "programmed to pass packets received ... ", again this is the point 
of combination and when the prior art is combined the modification of Alden is done by 
Erickson where the path for the tunnel to be created is done by Erickson send the HTTP 
POST message which make port 80 (the HTTP port) available for communication back 
and forth through the firewall. (Erickson, Col. 7 lines 3-29, establish connection) 
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Appellant then argues encryption, of Alden. Alden establishes communication 
thru the firewall and the modification of Erickson creates this established communication 
occur over port 80 (the HTTP port) and the Alden provides for the connection between 
A->Firewall->B->C->Firewall->D over which the keys are sent creation a encrypted path 
and since Alden teaches the "pair-wise" connection the data returns D->Firewall->C->B- 
>Firewall->A over port 80 which was opened by Erickson. Applicant also argues the 
intermediate server, which either node B or C, because as the claim is presently written 
it does not prevent additional nodes from being in between destination. Also the 
specification as disclosed 

The appellant concludes by arguing step (2) and (5) of the claim which repeats 
the argument of creating a return path which the examiner has addressed. Examiner 
addresses this argument in that Alden teaches the establishment of communication of 
the connection of A->Firewall->B->C->Firewall->D and the reverse D->Firewall->C->B- 
>Firewall->A, therefore examiner anticipates the invention as shown on figure shown on 
page 8 of the appeal brief. (Alden, Col. 7 lines 1-19 pair-wise) 

Therefore the combination of Erickson and Alden anticipate the present 
invention. 

Appellant argues claim 57 

Appellant for claim 57 argues the receive channel, this channel is the port that 
become available for return traffic when a message is sent out. Erickson discusses in 
Col. 5 lines 47-67, that when the HTTP POST message is sent out, that port 80 for 
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HTTP messages is opened in the firewall for the tunnel to allow message back and forth 
thru the firewall. This path that is created by Alden of communication from A->Firewall- 
>B->C->Firewall->D and the reverse D->Firewall->C->B->Firewall->A, a "pair wise 
connection." (Alden, Col. 7 lines 1-19 pair-wise) Also Erickson in Col. 4 lines 51-67, 
discusses a persistent connection which is connected for the duration of the 
communication. Therefore the combination of Alden and Erickson teach appellant's 
presently claimed invention. 

Appellant argues claim 66 and 74 

Appellant in arguing claim 66 and 74 again argues establishing receiving channel 
as defined by the specification, as the examiner has discussed above the combination 
of Alden teaching a "pair wise' connection and Erickson teaching a persistent 
connection which is open for the duration of the communication the combination of 
Alden and Erickson anticipate the present invention. ." (Alden, Col. 7 lines 1-19 pair- 
wise) and (Erickson in Col. 4 lines 51-67, persistent connection) Appellant also 
comments on the grouping of claim, examiner notes that he has grouped the claim, but 
on further review of the claim the scope of the claim is broader then claim 55 therefore 
the rational applied to claim 55 anticipates the features of claim 66 and 74. Also 
appellant has not presented an argument that shows a distinction between claim 66 and 
74 from claim 55. Therefore the combination of Alden and Erickson teach the feature of 
the present invention. 
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Appellant argues claim 56 

Appellant argues the feature of decrypting and encrypting information using key 
for dependent claim 56, examiner has relied upon Alden for these feature. In col. 1 
Alden discusses types of encryption, "private" and "symmetric." Specification 
"symmetric" is a "shared key" which intermediate nodes to decrypt the message. Alden 
makes use of symmetric key in Col. 1 1 lines 30-40 to encapsulate the header of the 
message to allow it to protect the header and the in Col. 8 lines 45-67 Alden discusses 
the use of encryption in the tunnel. In addition Col. 1 0 lines 1 7-43 discuss the 
exchange of key for the private and public encryption used, hence supporting both 
"private" and "symmetric" encryption. Examiner has relied upon the entire reference for 
the rejection of the present invention. Therefore Alden anticipates claim 56. 

Appellant argues claim 59 

Appellant argues claim 59 and that Erickson does not teach encryption examiner 
is not relying upon Erickson soli, but the combination of Alden and Erickson to teach the 
feature of claim 59, hence the examiner cited from both pieces of prior art. Erickson 
teaches the feature of the "HTTP Post" message and Alden discusses the use of 
encryption as discussed in the argument present toward 56. As discussed in claim 56 
Alden relies upon multi levels of encryption. Encryption for the header (destination 
information) which is encrypted with the symmetric" key or shared key Col. 1 1 lines 30- 
40 and the "private" key which the appellant discuss is used for end point encryption 
therefore protecting the data in the packet to the destination. Therefore the data in the 
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packet is protected twice, with two types of encryption. Hence Alden and Erickson 
anticipate the features of claim 59. 

Appellant argues claim 60 

Appellant relies upon the arguments addressed in claim 59, therefore again the 
combination of Alden and Erickson anticipate these features. 

Appellant argues claim 63 

Appellant argues a first and second computer for claim 63, as discussed in 
arguments directed to claim 55 the combination of Alden and Erickson teaches A, B, C, 
and D nodes and the connection between them, therefore presently claimed invention is 
not patentable over the combination of Alden and Erickson. 

Appellant argues claim 70 

Appellant again argues encryption for claim 70, which was discussed in the 
argument directed to claims 56 and 59. Appellant does not provided any other 
arguments that distinguish over the combination of Alden and Erickson. 

Appellant argues claim 72 and 80 

Appellant in arguing claim 72 and 80 discuss the initiation of communication from 
the first computer to the third computer and from the second computer to the third 
computer. As discussed above Alden discusses a "pair-wise" communication and 
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(Alden, Col. 7 lines 1-19 pair-wise) therefore a communication connection is made in 
both directions. Therefore the combination of Alden and Erickson anticipate the 
presently claimed invention. 

Appellant argues claim 78 and Conclusion 

For claim 78 again appellant argues encryption which was discussed in 
arguments addressing claim 56 and 59 above similar rational also applies claim 78. 
There again the present invention is not distinct from the prior art of Alden and Erickson 
and appellant has not presented any argument the show a distinction for the prior art, 
therefore the present rejection should be affirmed. 

(11) Related Proceeding(s) Appendix 

No decision rendered by a court or the Board is identified by the examiner in the 
Related Appeals and Interferences section of this examiner's answer. 
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For the above reasons, it is believed that the rejections should be sustained. 

Respectfully submitted, 

/AB/ 

Ajay Bhatia 



Conferees: 



/Jason D Cardone/ 
Supervisory Patent Examiner, Art Unit 2145 



/Rupal D. Dharia/ 

Supervisory Patent Examiner, Art Unit 2141 



